Wella

Reputation: 1476

User claim update not effected in ASP.NET Identity?

I need to update the user claim in Web API after the user has logged in, but after updating the user claim it still returns the previous values. The code below is used to update the active user group after the user has logged in.

/// <summary>
/// The class AppUser
/// </summary>
public class AppUser : ClaimsPrincipal
{
    /// <summary>
    /// Initializes a new instance of the <see cref="AppUser"/> class.
    /// </summary>
    /// <param name="principal">The principal.</param>
    public AppUser(ClaimsPrincipal principal)
        : base(principal)
    {
    }

    /// <summary>
    /// Gets the name.
    /// </summary>
    /// <value>
    /// The name.
    /// </value>
    public string Name
    {
        get
        {
            return this.FindFirst(ClaimTypes.Name).Value;
        }
    }

    /// <summary>
    /// Gets the name of the user.
    /// </summary>
    /// <value>
    /// The name of the user.
    /// </value>
    public string UserName
    {
        get
        {
            return this.FindFirst("UserName").Value;
        }
    }

    /// <summary>
    /// Gets the active group.
    /// </summary>
    /// <value>
    /// The active group.
    /// </value>
    public string ActiveGroup
    {
        get
        {
            return ((ClaimsIdentity)this.Identity).FindFirst("ActiveGroup").Value;
        }
    }

    /// <summary>
    /// Gets the email.
    /// </summary>
    /// <value>
    /// The email.
    /// </value>
    public string Email
    {
        get
        {
            return this.FindFirst("Email").Value;
        }
    }
}


/// <summary>
/// The class BaseController
/// </summary>
public class BaseController : ApiController
{
    /// <summary>
    /// Gets the current user.
    /// </summary>
    /// <value>
    /// The current user.
    /// </value>
    public AppUser CurrentUser
    {
        get
        {
            return new AppUser(this.User as ClaimsPrincipal);
        }
    }
}



public class AccountController : BaseController
{

    [HttpPost]
    [Route("UpdateUserGroup")]
    public int UpdateUserGroup(string userGroup)
    {
        var user = User as ClaimsPrincipal;
        var identity = user.Identity as ClaimsIdentity;
        identity.RemoveClaim(identity.FindFirst("ActiveGroup"));
        identity.AddClaim(new Claim("ActiveGroup", this.GetRoleNameByPresenter(userGroup)));
        return 1;
    }
}

Upvotes: 0

Views: 299

Answers (1)

Marcus Höglund

Reputation: 16801

The problem is that the claims are used in the authentication process and are part of the authentication token/cookie. If you want to remove a claim from the current user then you need to make sure the client gets a new token/cookie.

If you're running, for example, bearer tokens with your API, then you need to generate a new token and return that token to the client from your UpdateUserGroup(). The client then needs to use the new token the next time it makes a request to the API.

Upvotes: 1
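The re-issue step the answer describes, as an added example that is not code from the question or the answer: a replacement for the UpdateUserGroup action that returns a fresh bearer token carrying the new ActiveGroup claim. It assumes OWIN bearer tokens configured through a static `Startup.OAuthOptions` (as in the default Web API project template) and that the groups a user may activate were issued as role claims at login; `GetRoleNameByPresenter` is the asker's own helper.

```csharp
using System;
using System.Linq;
using System.Net;
using System.Security.Claims;
using System.Web.Http;
using Microsoft.Owin.Security;

public class AccountController : BaseController
{
    [HttpPost]
    [Route("UpdateUserGroup")]
    public IHttpActionResult UpdateUserGroup(string userGroup)
    {
        var current = (ClaimsIdentity)User.Identity;
        // GetRoleNameByPresenter is the asker's helper, defined elsewhere in their project.
        string newGroup = this.GetRoleNameByPresenter(userGroup);

        // Assumption: group membership was issued as role claims at login.
        // The requested group comes from the caller, so check it before minting a claim.
        if (!current.HasClaim(current.RoleClaimType, newGroup))
        {
            return StatusCode(HttpStatusCode.Forbidden);
        }

        // Build a copy of the signed-in identity with the ActiveGroup claim swapped.
        var identity = new ClaimsIdentity(
            current.Claims.Where(c => c.Type != "ActiveGroup"),
            current.AuthenticationType, current.NameClaimType, current.RoleClaimType);
        identity.AddClaim(new Claim("ActiveGroup", newGroup));

        // Assumption: Startup.OAuthOptions is the static OAuthAuthorizationServerOptions
        // instance that was passed to app.UseOAuthBearerTokens(...) at startup.
        var now = DateTimeOffset.UtcNow;
        var ticket = new AuthenticationTicket(identity, new AuthenticationProperties
        {
            IssuedUtc = now,
            ExpiresUtc = now.Add(Startup.OAuthOptions.AccessTokenExpireTimeSpan)
        });

        // Protect() serializes and protects the ticket; the result is the new bearer token.
        string token = Startup.OAuthOptions.AccessTokenFormat.Protect(ticket);
        return Ok(new { access_token = token, token_type = "bearer" });
    }
}
```

The previously issued token stays valid until it expires and still carries the old ActiveGroup value, so keep access-token lifetimes short if that claim drives authorization decisions.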
